From e902973f24c75b24576e914d44a68beaaf2aff5b Mon Sep 17 00:00:00 2001 From: Stephen Hemminger Date: Tue, 25 May 2010 10:21:03 -0700 Subject: Add pam_cap capability configuration --- sysconf/capability.conf | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 sysconf/capability.conf (limited to 'sysconf') diff --git a/sysconf/capability.conf b/sysconf/capability.conf new file mode 100644 index 00000000..0a7235f1 --- /dev/null +++ b/sysconf/capability.conf @@ -0,0 +1,10 @@ +# this is a capability file (used in conjunction with the pam_cap.so module) + +# Special capability for Vyatta admin +all %vyattacfg + +# Vyatta Operator +cap_net_admin,cap_sys_boot,cap_audit_write %vyattaop + +## 'everyone else' gets no inheritable capabilities +none * -- cgit v1.2.3